Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Critical
-
Resolution: Duplicate
-
Affects Version/s: 3.17.0
-
Fix Version/s: None
-
Component/s: Crowd
-
Labels:
Description
Configure Nexus Repo 3.17.0 to use Atlassian Crowd authentication. Then go to the "security–>users" screen, and switch the source drop down to "crowd". This will trigger an query like this to crowd:
2019-06-26 11:35:19,379-0500 DEBUG [qtp1396977020-400] admin org.apache.http.headers - http-outgoing-5 >> POST /rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=2147483647&expand=user HTTP/1.1
Note the value of "max-results".
We then iterate over every single result, and get the user's details, and make a second query to get their crowd groups.
In a large crowd server this can take a very, very long time. Against our own crowd server this was running for more than 15 minutes before I finally gave up and killed it.
Expected: We should not do any search by default, instead wait for a user to input a search term. And after inputing the search term we should limit the number of results that can be retrieved.
Note that Nexus Repo 2 does not do a default search for crowd.
This issue can make crowd unusable for customers that have very large crowd directories.
Attachments
Issue Links
- duplicates
-
-
- Closed
-